update dropbear to 0.47 (adds keyboard-interactive auth, fixes a potential security issue, fixes #59)

git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@2660 3c298f89-4303-0410-b956-a3cf2f4a3e73

6 files changed, 92 insertions, 76 deletions

diff --git a/package/dropbear/patches/100-pubkey_path.patch b/package/dropbear/patches/100-pubkey_path.patch
new file mode 100644
index 0000000000..4adda38b2b
--- /dev/null
+++ b/package/dropbear/patches/100-pubkey_path.patch
@@ -0,0 +1,89 @@
+diff -urN dropbear.old/svr-authpubkey.c dropbear.dev/svr-authpubkey.c
+--- dropbear.old/svr-authpubkey.c	2005-12-09 06:42:33.000000000 +0100
++++ dropbear.dev/svr-authpubkey.c	2005-12-12 01:35:32.139358750 +0100
+@@ -155,7 +155,6 @@
+ 		unsigned char* keyblob, unsigned int keybloblen) {
+ 
+ 	FILE * authfile = NULL;
+-	char * filename = NULL;
+ 	int ret = DROPBEAR_FAILURE;
+ 	buffer * line = NULL;
+ 	unsigned int len, pos;
+@@ -176,17 +175,8 @@
+ 		goto out;
+ 	}
+ 
+-	/* we don't need to check pw and pw_dir for validity, since
+-	 * its been done in checkpubkeyperms. */
+-	len = strlen(ses.authstate.pw->pw_dir);
+-	/* allocate max required pathname storage,
+-	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+-	filename = m_malloc(len + 22);
+-	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
+-				ses.authstate.pw->pw_dir);
+-
+ 	/* open the file */
+-	authfile = fopen(filename, "r");
++	authfile = fopen("/etc/dropbear/authorized_keys", "r");
+ 	if (authfile == NULL) {
+ 		goto out;
+ 	}
+@@ -247,7 +237,6 @@
+ 	if (line) {
+ 		buf_free(line);
+ 	}
+-	m_free(filename);
+ 	TRACE(("leave checkpubkey: ret=%d", ret))
+ 	return ret;
+ }
+@@ -255,12 +244,11 @@
+ 
+ /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok,
+  * DROPBEAR_FAILURE otherwise.
+- * Checks that the user's homedir, ~/.ssh, and
+- * ~/.ssh/authorized_keys are all owned by either root or the user, and are
++ * Checks that /etc/dropbear and /etc/dropbear/authorized_keys
++ * are all owned by either root or the user, and are
+  * g-w, o-w */
+ static int checkpubkeyperms() {
+ 
+-	char* filename = NULL; 
+ 	int ret = DROPBEAR_FAILURE;
+ 	unsigned int len;
+ 
+@@ -274,25 +262,11 @@
+ 		goto out;
+ 	}
+ 
+-	/* allocate max required pathname storage,
+-	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
+-	filename = m_malloc(len + 22);
+-	strncpy(filename, ses.authstate.pw->pw_dir, len+1);
+-
+-	/* check ~ */
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
+-		goto out;
+-	}
+-
+-	/* check ~/.ssh */
+-	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
++	if (checkfileperm("/etc/dropbear") != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
+ 
+-	/* now check ~/.ssh/authorized_keys */
+-	strncat(filename, "/authorized_keys", 16);
+-	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
++	if (checkfileperm("/etc/dropbear/authorized_keys") != DROPBEAR_SUCCESS) {
+ 		goto out;
+ 	}
+ 
+@@ -300,7 +274,6 @@
+ 	ret = DROPBEAR_SUCCESS;
+ 	
+ out:
+-	m_free(filename);
+ 
+ 	TRACE(("leave checkpubkeyperms"))
+ 	return ret;
diff --git a/package/dropbear/patches/change-user.patch b/package/dropbear/patches/110-change_user.patch
index 5ab4a56899..ac617e2806 100644
--- a/package/dropbear/patches/change-user.patch
+++ b/package/dropbear/patches/110-change_user.patch
@@ -1,6 +1,6 @@
-diff -ruN dropbear-0.46-old/svr-chansession.c dropbear-0.46-new/svr-chansession.c
---- dropbear-0.46-old/svr-chansession.c	2005-07-08 21:20:59.000000000 +0200
-+++ dropbear-0.46-new/svr-chansession.c	2005-07-12 01:39:12.000000000 +0200
+diff -urN dropbear.old/svr-chansession.c dropbear.dev/svr-chansession.c
+--- dropbear.old/svr-chansession.c	2005-12-09 06:42:33.000000000 +0100
++++ dropbear.dev/svr-chansession.c	2005-12-12 01:42:38.982034750 +0100
 @@ -860,12 +860,12 @@
  	/* We can only change uid/gid as root ... */
  	if (getuid() == 0) {
diff --git a/package/dropbear/patches/hostkey-prompt.patch b/package/dropbear/patches/120-hostkey_prompt.patch
index 59639e7b97..59639e7b97 100644
--- a/package/dropbear/patches/hostkey-prompt.patch
+++ b/package/dropbear/patches/120-hostkey_prompt.patch
diff --git a/package/dropbear/patches/scp-argument-fix.patch b/package/dropbear/patches/130-scp_argument.patch
index befba5d395..befba5d395 100644
--- a/package/dropbear/patches/scp-argument-fix.patch
+++ b/package/dropbear/patches/130-scp_argument.patch
diff --git a/package/dropbear/patches/use-dev-urandom.patch b/package/dropbear/patches/140-use_dev_urandom.patch
index e1424f59a3..e1424f59a3 100644
--- a/package/dropbear/patches/use-dev-urandom.patch
+++ b/package/dropbear/patches/140-use_dev_urandom.patch
diff --git a/package/dropbear/patches/authpubkey.patch b/package/dropbear/patches/authpubkey.patch
deleted file mode 100644
index 07beefe714..0000000000
--- a/package/dropbear/patches/authpubkey.patch
+++ /dev/null
@@ -1,73 +0,0 @@
---- dropbear-0.45.old/svr-authpubkey.c	2005-09-27 12:45:20.863639072 +0200
-+++ dropbear-0.45/svr-authpubkey.c	2005-09-27 13:15:09.066790872 +0200
-@@ -176,14 +176,10 @@
- 		goto out;
- 	}
- 
--	/* we don't need to check pw and pw_dir for validity, since
--	 * its been done in checkpubkeyperms. */
--	len = strlen(ses.authstate.pw->pw_dir);
- 	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	snprintf(filename, len + 22, "%s/.ssh/authorized_keys", 
--				ses.authstate.pw->pw_dir);
-+	 * = "/etc/dropbear/authorized_keys" + '\0' = 30 */
-+	filename = m_malloc(30);
-+	strncpy(filename, "/etc/dropbear/authorized_keys", 30);
- 
- 	/* open the file */
- 	authfile = fopen(filename, "r");
-@@ -255,43 +251,33 @@
- 
- /* Returns DROPBEAR_SUCCESS if file permissions for pubkeys are ok,
-  * DROPBEAR_FAILURE otherwise.
-- * Checks that the user's homedir, ~/.ssh, and
-- * ~/.ssh/authorized_keys are all owned by either root or the user, and are
-+ * Checks that /etc, /etc/dropbear and /etc/dropbear/authorized_keys
-+ * are all owned by either root or the user, and are
-  * g-w, o-w */
- static int checkpubkeyperms() {
- 
- 	char* filename = NULL; 
- 	int ret = DROPBEAR_FAILURE;
--	unsigned int len;
- 
- 	TRACE(("enter checkpubkeyperms"))
- 
--	assert(ses.authstate.pw);
--	if (ses.authstate.pw->pw_dir == NULL) {
--		goto out;
--	}
--
--	if ((len = strlen(ses.authstate.pw->pw_dir)) == 0) {
--		goto out;
--	}
--
- 	/* allocate max required pathname storage,
--	 * = path + "/.ssh/authorized_keys" + '\0' = pathlen + 22 */
--	filename = m_malloc(len + 22);
--	strncpy(filename, ses.authstate.pw->pw_dir, len+1);
-+	 * = "/etc/dropbear/authorized_keys" + '\0' = 30 */
-+	filename = m_malloc(30);
-+	strncpy(filename, "/etc", 4); /* strlen("/etc") == 4 */
- 
--	/* check ~ */
-+	/* check /etc */
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;
- 	}
- 
--	/* check ~/.ssh */
--	strncat(filename, "/.ssh", 5); /* strlen("/.ssh") == 5 */
-+	/* check /etc/dropbear */
-+	strncat(filename, "/dropbear", 9); /* strlen("/dropbear") == 9 */
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;
- 	}
- 
--	/* now check ~/.ssh/authorized_keys */
-+	/* now check /etc/dropbear/authorized_keys */
- 	strncat(filename, "/authorized_keys", 16);
- 	if (checkfileperm(filename) != DROPBEAR_SUCCESS) {
- 		goto out;